binutils: set status for CVE-2025-7545 and CVE-2025-7546

The patches linked in NVD reports are present in binutils-2_45-branch. Technically the NVD is wrong (=2.45 should be <2.45), but fixing it in the recipe is not problematic as all cpe-stable-backport will be automatically removed in next upgrade so will not be "kept forever". CVE-2025-7545 * https://nvd.nist.gov/vuln/detail/CVE-2025-7545 * https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=08c3cbe5926e4d355b5cb70bbec2b1eeb40c2944 CVE-2025-7546 * https://nvd.nist.gov/vuln/detail/CVE-2025-7546 * https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=41461010eb7c79fee7a9d5f6209accdaac66cc6b (From OE-Core rev: 0fb876e247faea84dfa8fd302b80cb7afdc575d9) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2026-04-18 03:32:13 +02:00 · 2025-08-24 13:51:26 +02:00
parent fb4ebd6053
commit 21cedd6086
1 changed files with 3 additions and 0 deletions
--- a/meta/recipes-devtools/binutils/binutils-2.45.inc
+++ b/meta/recipes-devtools/binutils/binutils-2.45.inc
@@ -18,6 +18,9 @@ SRCBRANCH ?= "binutils-2_45-branch"

 UPSTREAM_CHECK_GITTAGREGEX = "binutils-(?P<pver>\d+_(\d_?)*)"

+CVE_STATUS[CVE-2025-7545] = "cpe-stable-backport: fix available in used git hash"
+CVE_STATUS[CVE-2025-7546] = "cpe-stable-backport: fix available in used git hash"
+
 SRCREV ?= "2bc7af1ff7732451b6a7b09462a815c3284f9613"
 BINUTILS_GIT_URI ?= "git://sourceware.org/git/binutils-gdb.git;branch=${SRCBRANCH};protocol=https"
 SRC_URI = "\